userapps/opensource/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf-radius

   1 path certificate "/etc/openssl/certs";
   2
   3 listen {
   4         adminsock disabled;
   5 }
   6
   7 remote anonymous {
   8         exchange_mode aggressive;
   9         certificate_type x509 "server.crt" "server.key";
  10         my_identifier asn1dn;
  11         proposal_check obey;
  12         generate_policy on;
  13         nat_traversal on;
  14         dpd_delay 20;
  15         ike_frag on;
  16         script "/etc/racoon/phase1-down.sh" phase1_down;
  17         proposal {
  18                 encryption_algorithm 3des;
  19                 hash_algorithm sha1;
  20                 authentication_method hybrid_rsa_server;
  21                 dh_group 2;
  22         }
  23 }
  24
  25 mode_cfg {
  26         pool_size 255;
  27         auth_source radius;
  28         conf_source radius;
  29         accounting radius;
  30         dns4 10.0.12.1;
  31         wins4 10.0.12.1;
  32         banner "/etc/racoon/motd";
  33 }
  34
  35 sainfo anonymous {
  36         pfs_group 2;
  37         lifetime time 12 hour;
  38         encryption_algorithm 3des, cast128, blowfish 448;
  39         authentication_algorithm hmac_sha1;
  40         compression_algorithm deflate;
  41 }
  42